<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META content="text/html; charset=ISO-8859-2" http-equiv="content-type">
<meta name="robots" content="index,follow">
<META NAME="Keywords" CONTENT="encryption, RC4, online, javascript">
<meta name="viewport" content="width=device-width, initial-scale=1">
<META NAME="Author" CONTENT="Tomasz Ostrowski">
<META name="description" content="RC4 file encryption/decryption">  
<link rel="stylesheet" type="text/css" media="only screen and (max-width: 959px)" href="./css/mobile.css" />
<link rel="stylesheet" type="text/css" media="only screen and (min-width: 960px)" href="./css/main.css" />
<script type="text/javascript" src="./js/tree.js"></script>


<script src="./js/jquery-2.1.3.min.js"></script>
<!-- <link rel="stylesheet" type="text/css" href="./css/jquery-eu-cookie-law-popup.css"/>
<script src="./js/jquery-eu-cookie-law-popup-en.js"></script> -->

<title>RC4 file encryption/decryption</title>  
</head>
<body class="eupopup eupopup-bottomleft eupopup-style-compact">

<div id="wrap">
<div id="header">
<div id="header_l">
  <a href="../index.htm">erma0.cn</a>
</div>
<div id="header_r"><A HREF="./rc4.htm" TARGET="_self"><strong>ENGLISH VERSION</strong></A><br><A HREF="./rc4.php?lang=pl" TARGET="_self"><strong>WERSJA POLSKA</strong></A></div>      
</div>

<a href="../bot-trap/">
  <img src="./images/pixel.gif" border="0" alt=" " width="1" height="1">
</a>
     


<div id="main">

    <h1>RC4 file encryption/decryption</h1>
    <p>Client-side (javascript, no data is sent to server) RC4 encryption/decryption. Be careful
    with large files (possible high resource consumption leading to browser crash, offline tools
    might be better for large files).</p>
    <p>RC4 is a symmetrical stream cipher and both encryption and decryption are using same
    operation - basically XORing input data with very long (256B of state variable) byte stream
    generated from password / initial vector. Because of XOR property (X ^ Y) ^ Y = X data is
    encrypted on first run (X ^ Y), decrypted on second run by XORing with identical byte stream as
    first time.</p>
    <p>For security (*):</p>
    <ul>
      <li>never reuse initial vector</li>
      <li>use strong initial vector, e.g. hash of some text password and unique counter or some kind of salt; MD5 should be fine as purpose of it is avalanche effect, not collision resistance</li>
      <li>drop first bytes from key byte stream (aka RC-dropN) to minimize bias</li>
    </ul>
    <p>(*) security not guaranteed, but if you lose initial vector or drop number for encrypted file you're gonna have a bad time</p>
    <form name="frmConvert" action="">
      <p>Source file: 
      <input type="file" name="fileinput" onchange="openFile(event)" /></p>
      <p>Initializing vector (hex, arbitrary length up to 256 bytes):<br>
      <input type="text" name="initial_bytes" value="0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88" style="width: 550px;">
      <br>
      Drop first <input type="text" name="dropN" value="256" style="width: 50px;"> bytes from key stream.
      </p>
        <p>Options:</p>
          <p><input type="checkbox" name="chbSeparator" value="sep" checked="checked">remove "0x" groups from initializing string in addition to non-hex characters</p>
        <p>Cleaned initializing vector (removed non-hex characters):</p>
        <p><input type="text" name="cleaned_hex" readonly="readonly" value="" style="width: 550px;"></p>				      
        
        <p>Name of file to create:</p>
        <p>
        <input type="text" name="filename" value="file.rc4" style="width: 550px;">
        </p>      
      <p>
        <button type="button" name="btnConvert" onclick="Convert()">Convert</button>
      </p>
    </form>
    <!-- <h2>Offline tool</h2>
    <p>
    Simple win32 application with similar functionality. Password / initial vector can be entered as text
    or in hexadecimal form. There is also option to skip (copy directly) initial bytes (e.g. header) from processed file.
    Turbo C++: <a href="../bin/RC4/FileEncryptDecrypt.zip">FileEncryptDecrypt.zip</a><br>
    <img src="../bin/RC4/FileEncryptDecrypt.png" alt="RC4 file encrypt and decrypt">     
    </p> -->

</div>


<script type="text/javascript">
//<!--
    function clean_hex(input, remove_0x) {
        input = input.toUpperCase();

        if (remove_0x) {
            input = input.replace(/0x/gi, "");
        }

        var orig_input = input;
        input = input.replace(/[^A-Fa-f0-9]/g, "");
        if (orig_input != input)
            alert("Warning! Non-hex characters (including newlines) in input string ignored.");
        return input;
    }

    function rc4(iv, dropN, source) {
        var s = [],
            j = 0,
            x;
        var res = [];
        for (var i = 0; i < 256; i++) {
            s[i] = i;
        }
        for (i = 0; i < 256; i++) {
            j = (j + s[i] + iv[i % iv.length]) % 256;
            x = s[i];
            s[i] = s[j];
            s[j] = x;
        }

        i = 0;
        j = 0;
        for (var y = 0; y < dropN; y++) {
            i = (i + 1) % 256;
            j = (j + s[i]) % 256;
            x = s[i];
            s[i] = s[j];
            s[j] = x;
        }
        for (var y = 0; y < source.length; y++) {
            i = (i + 1) % 256;
            j = (j + s[i]) % 256;
            x = s[i];
            s[i] = s[j];
            s[j] = x;
            res[y] = source[y] ^ s[(s[i] + s[j]) % 256];
        }
        return res;
    }

    var fileData;

    function Convert() {
        var cleaned_hex = clean_hex(document.frmConvert.initial_bytes.value, document.frmConvert.chbSeparator.checked);
        var filename = document.frmConvert.filename.value;
        document.frmConvert.cleaned_hex.value = cleaned_hex;
        if (cleaned_hex.length % 2) {
            alert("Error: cleaned hex string length is odd.");
            return;
        }

        var binaryIV = new Array();
        for (var i = 0; i < cleaned_hex.length / 2; i++) {
            var h = cleaned_hex.substr(i * 2, 2);
            binaryIV[i] = parseInt(h, 16);
        }

        var dropN = parseInt(document.frmConvert.dropN.value);
        var processed = rc4(binaryIV, dropN, fileData);
        var byteArray = new Uint8Array(processed);

        var a = window.document.createElement('a');
        a.href = window.URL.createObjectURL(new Blob([byteArray], {
            type: 'application/octet-stream'
        }));
        a.download = filename;
        // Append anchor to body.
        document.body.appendChild(a);
        a.click();
        // Remove anchor from body
        document.body.removeChild(a);
    }


    var openFile = function(event) {
        var input = event.target;
        var reader = new FileReader();
        reader.onload = function() {
            var arr = reader.result;
            fileData = new Uint8Array(arr);
        };
        reader.readAsArrayBuffer(input.files[0]);
    };
//-->
</script>


<div id="sidebar">
<h3>Sitemap</h3>

<ul id="tree0" class="tree">

    <li ><a>PROJECTS</a>
    <ul>
    <li><A HREF="../programator.htm" TARGET="_self">FLASH 49F programmer</A></li> 
    </ul>
    </li>

 
    <li><a>ONLINE TOOLS</a>
    <ul>
    <li><a href="./base64.htm" TARGET="_self">Base64 -&gt; HEX</A></li>
    <li><a href="./base32.htm" TARGET="_self">Base32 -&gt; HEX</a></li>
    <li><a href="./base32hex.htm" TARGET="_self">Base32hex -&gt; HEX</a></li>
    <li><a href="./ascii.htm" TARGET="_self">ASCII -&gt; HEX</a></li>
    <li><a href="./ascii_uN.htm" TARGET="_self">ASCII -&gt; u16/u32/u64 HEX</a></li>            
    <li><a href="./hex_to_base64.htm" TARGET="_self">HEX -&gt; Base64</a></li>
    <li><a href="./text_to_base64.htm" TARGET="_self">Text -&gt; Base64</a></li>
    <li><a href="./hex_to_base32.htm" TARGET="_self">HEX -&gt; Base32</a></li>
    <li><a href="./hex_to_base32hex.htm" TARGET="_self">HEX -&gt; Base32hex</a></li>
    <li><a href="./hex_to_ascii.htm" TARGET="_self">HEX -&gt; ASCII</a></li>
    <li><a href="./hex_to_dec.htm" TARGET="_self">HEX -&gt; DEC</a></li>	
    <li><a href="./dec_to_ascii.htm" TARGET="_self">DEC -&gt; ASCII</a></li>
    <li><a href="./bin_to_32bit_hex.htm" TARGET="_self">BIN &lt;-&gt; 32-bit hex</a></li>    
    <li><a href="./md5.htm" TARGET="_self">MD5 calculator</a></li>
    <li><a href="./sha1.htm" TARGET="_self">SHA1 calculator</a></li>    
    <li><a href="./regexp.htm" TARGET="_self">Regular exp.</a></li>
    <li><a href="./cpp_text_escape.htm" TARGET="_self">Text -&gt; Cpp</a></li>
    <li><a href="./cpp_unescape.htm" TARGET="_self">Cpp -&gt; text</a></li>
    <li><a href="./pascal_escape.htm" TARGET="_self">Text -&gt; Pascal</a></li>        
    <li><a href="./hex_to_file.htm" TARGET="_self">HEX -&gt; file</a></li>
    <li><a href="./file_to_hex.htm" TARGET="_self">File -&gt; HEX</a></li>
    <li><a href="./file_to_base64.htm" TARGET="_self">File -&gt; Base64</a></li>    
    <li><a href="./html_list_gen.htm" TARGET="_self">Text -&gt; HTML ul</a></li>
    <li><a href="./crc8.htm" TARGET="_self">CRC8</a></li>
    <li><a href="./wave_gen.htm" TARGET="_self">WAVE generator</a></li>
    <li><a href="./bin_decoder.htm" TARGET="_self">Bin decoder</a></li>
    <li><a href="./rc4.htm" TARGET="_self">RC4</a></li>          
    <li><a href="./xor.htm" TARGET="_self">XOR</a></li>
    <li><a href="./inv.htm" TARGET="_self">Inverting bits</a></li>
    <li><a href="./par_resistors.htm" TARGET="_self">Par. resistors search</a></li>
    <li><a href="./unique_str.htm" TARGET="_self">Deduplicate / sort</a></li>        
    <li><a href="./base64_to_PEM.htm" TARGET="_self">Base64 -&gt; PEM</a></li>
    <li><a href="./PEM_to_base64.htm" TARGET="_self">PEM -&gt; base64</a></li>
    <li><a href="./diskstats.htm" TARGET="_self">/proc/diskstats</a></li>    
    </ul>
    </li> 


    <li><A HREF="../contact2.htm" TARGET="_self">Contact</A></li></ul>
<script type="text/javascript">
//<!--
new tree("tree0");
//-->
</script>

<br>  
<br>  
<br>  





  <br>    

        
    
</div>


<div id="footer">




  
</div>


<br>
<div id="footer2"><p>      
            <!-- <font size="-2">&nbsp;"Cookie monsters": 5583818&nbsp;&nbsp;&nbsp;&nbsp;Parse time:&nbsp;0.000 s</font> -->

  </p>
	</div>
</div>
</body>
</html>

